<? require_once("sitemap.php"); ?>
<?
$action="start";

if (!empty($_POST['action']))
{
	$action = $_POST['action'];
}
?>
<html>
	<title><? echo (":" . $HTTP_SERVER_VARS['REMOTE_USER'] . ": ". $Botname); ?>'s EL-BOT purchase Management</title>
<body>
	<h1><? echo ($Botname); ?>'s EL-BOT Tradelist Management - purchase</h1>
	<form method="post" action="purchase.php"><input type="submit" name="submit" value="RELOAD"><input type="hidden" name="action" value="refresh"></form>
	<?
	if ($action=="remove")
	{
		dumppost($HTTP_SERVER_VARS['REMOTE_USER']);						
		$id=intval(mysql_real_escape_string($_POST['id']));
		$sql = "DELETE FROM wanteditems WHERE id='$id';";
		$result = mysql_query($sql,$db);
	}
	if ($action=="update")
	{
		dumppost($HTTP_SERVER_VARS['REMOTE_USER']);						
		if (empty($_POST['announce'])) {$announce = 0;} else {$announce = 1;} 
		$id=intval(mysql_real_escape_string($_POST['id']));

		$priceListid=intval(mysql_real_escape_string($_POST['priceListid']));
		if (empty($_POST['announce'])) {$announce = 0;} else {$announce = 1;} 	
		$pricepurchase=floatval(mysql_real_escape_string($_POST['pricepurchase']));
		$pricepurchasemembers=floatval(mysql_real_escape_string($_POST['pricepurchasemembers']));
		$maxquantity=intval(mysql_real_escape_string($_POST['maxquantity']));
		$sql = "UPDATE pricelist SET pricepurchase='$pricepurchase', pricepurchasemembers='$pricepurchasemembers' WHERE id='$priceListid';";
		$result = mysql_query($sql,$db);
		echo (mysql_error());
		$sql = "UPDATE wanteditems SET announce='$announce',maxquantity='$maxquantity' WHERE id='$id';";
		$result = mysql_query($sql,$db);
		echo (mysql_error());
	}
	if ($action=="add")
	{
		dumppost($HTTP_SERVER_VARS['REMOTE_USER']);						
		$id=intval(mysql_real_escape_string($_POST['id']));
		$sql = "INSERT INTO wanteditems (pricelistid,announce,maxquantity,botid) VALUES ('$id',0,32-32,'$botid');";
		$result = mysql_query($sql,$db);
	}
	?>
	<?
		$result = mysql_query("SELECT wanteditems.id, knownitems.id, knownitems.name, knownitems.description, pricelist.pricepurchase, wanteditems.announce, pricelist.id, wanteditems.maxquantity, pricelist.pricepurchasemembers FROM wanteditems,knownitems,pricelist WHERE wanteditems.pricelistid=pricelist.id AND pricelist.knownitemsid=knownitems.id AND wanteditems.botid=$botid ORDER BY knownitems.name",$db);
	?>
<h2>Legend:</h2>
	<table border="1" cellpadding="0" cellspacing="0">
	<tr>
			<td bgcolor="Red">No Items in Inventory</td>
			<td bgcolor="Green">Items are in Inventory</td>
		</tr>
	</table>
<h2>Tradelist - purchase:</h2>
	<table border="1" cellpadding="0" cellspacing="0">
		<tr bgcolor="Gray">
			<td>id</td>
			<td>name</td>
			<? // <td>description</td> ?>
			<td>quantity</td>
			<td><table border="0" cellpadding="0" cellspacing="0">
				<td><input type="text" size=12 disabled value="purchase"></td>
				<td><input type="text" size=12 disabled value="purchase members"></td>
				<td><input type="text" size=12 disabled value="Max quantity"></td>
				<td>Disabled</td><td>Update</td></tr>
			</table></td>
			<td>Functions</td>
		</tr>
		<?
			while ($myrow = mysql_fetch_row($result)) {

			$resultB = mysql_query("SELECT SUM(quantity) FROM inventory WHERE pos<37 AND botid = $botid AND knownitemsid=".$myrow[1]." ;",$db);
			$myrowB = mysql_fetch_row($resultB);
			
			if (!empty($myrowB[0]))
			{
				$quantity = $myrowB[0];
			}
			else
			{
				$quantity = 0;
			}
		?>
		<tr <? if ($myrowB[0]) { echo ('bgcolor="Green"'); } else { echo ('bgcolor="Red"'); }?>>
			<td><?echo ($myrow[1])?></td>
			<td><?echo ($myrow[2])?></td>
			<? // <td> ?><? // echo ($myrow[3])?><? // </td> ?>
			<td><?echo ($quantity)?></td>
			<td>				
				<form method="post" action="purchase.php">
				<input type="hidden" name="id" value="<?echo ($myrow[0])?>">
				<input type="hidden" name="action" value="update">
				<input type="hidden" name="priceListid" value="<? echo ($myrow[6]) ?>">
				<input type="hidden" name="itemname" value="<? echo ($myrow[2]) ?>">
				<table border="0" cellpadding="0" cellspacing="0">
				<tr>
					<td><? //pricepurchase<br> ?><input type="text" size="12" name="pricepurchase" value="<?echo ($myrow[4])?>"></td>
					<td><? //pricepurchasemembers<br> ?><input type="text" size="12" name="pricepurchasemembers" value="<?echo ($myrow[8])?>"></td>
					<td><? //maxquantity<br> ?><input type="text" size="12" name="maxquantity" value="<?echo ($myrow[7])?>"></td>
					<td><? //Disabled<br> ?><input type="checkbox" name="announce" <? if ($myrow[5]==1) {echo ("checked");} ?>></td>
					<td><input type="submit" name="submit" value="UPDATE"></td>
				</tr>
				</table>
				</form>
			</td>
			<td>
				<form method="post" action="purchase.php">
					<input type="submit" name="submit" value="REMOVE">
					<input type="hidden" name="id" value="<?echo ($myrow[0])?>">
					<input type="hidden" name="action" value="remove">
				</form>
			</td>
		</tr>
		<?
			}
		?>
	</table>	
	
	<h2>Items available for purchase:</h2>
	<table border="1" cellpadding="0" cellspacing="0">
		<tr>
			<td>id</td>
			<td>name</td>
			<? // <td>description</td> ?>
			<td>pricesale</td>
			<td>pricesalemembers</td>
			<td>pricepurchase</td>
			<td>pricepurchasemembers</td>
			<td>Functions</td>
		</tr>
		<?php
		//AND SellingItems.pricelistid IS NULL 
		
		$result = mysql_query("SELECT pricelist.id, knownitems.name, knownitems.description, pricelist.pricesale, pricelist.pricesalemembers, pricelist.pricepurchase, pricelist.pricepurchasemembers FROM knownitems,pricelist LEFT JOIN wanteditems ON wanteditems.pricelistid = pricelist.id WHERE pricelist.knownitemsid = knownitems.id AND (wanteditems.botid!=$botid OR wanteditems.pricelistid IS NULL) AND pricelist.botid=$botid AND knownitems.Imageid!=3 ORDER BY knownitems.name;");

		while ($myrow = mysql_fetch_row($result))
		{
			$resultB = mysql_query("SELECT pricelist.id FROM pricelist,wanteditems WHERE wanteditems.pricelistid = pricelist.id AND wanteditems.botid = $botid AND pricelist.id = " . $myrow[0] . ";");
			if (mysql_num_rows($resultB)<1)
			{
		?>
		<tr>
			<form method="post" action="purchase.php">
				<input type="hidden" name="action" value="add">
				<input type="hidden" name="id" value="<?echo ($myrow[0])?>">
				<td><?echo ($myrow[0])?></td>
				<td><?echo ($myrow[1])?></td>
				<? // <td> ?><? //echo ($myrow[2])?><? // </td> ?>
				<td><?echo ($myrow[3])?></td>
				<td><?echo ($myrow[4])?></td>
				<td><?echo ($myrow[6])?></td>
				<td><?echo ($myrow[5])?></td>
				<td><input type="submit" name="submit" value="ADD"></td>
			</form>
		</tr>
		<?
			}
		}
		?>
	</table>
</body>
</html>
